Current system status and maintenance notifications

Stack Clash Vulnerability – Jun 19, 2017 – 15:30 PT

Stack Clash is a vulnerability that affects memory management of Unix-based operating systems. Attackers exploit this vulnerability by corrupting memory by stacking with another memory region in the system and executing an arbitrary code. These exploits are Local Privilege Escalations where the attacker can exploit the stash vulnerability and obtain full root privileges.

Severity

Critical

CVE

CVE-2017-1000364

CVE-2017-1000365

CVE-2017-1000367

Impacted Operation Systems

Several Unix-based operating systems including:

Linux

OpenBSD

NetBSD

FreeBSD

Solaris on i386 and amd64

Recommended Actions

Please apply the latest updates and patches immediately if you are an administrator of a multi-user Linux/BSD system. Other systems can be patched on the monthly cycle.